<?php require_once 'C:\xampp\htdocs\GreenwichFreecycle\include\links.php'; ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb">

    <head>
        <meta content="text/html; charset=utf-8" http-equiv="Content-Type" />
        <title>please enter your validation code</title>
    </head>

    <body>
        <?php
        require_once 'C:\xampp\htdocs\GreenwichFreecycle\validation\validations.php';
        require_once 'C:\xampp\htdocs\GreenwichFreecycle\include\utility.php';
        require_once 'C:\xampp\htdocs\GreenwichFreecycle\include\accountProcess.php';
// blimmin magic quotes should be off
        if (get_magic_quotes_gpc()) {
            $_POST = stripslashes_array($_POST);
        }
// copy POST input to scalars
        extract($_POST);

// the Yes button commits input to the database
// change below to correct button 
        //TODO: if $_POST['submitButton'] && isset($_POST['userName']) && isset($_POST['userPassword'])
        $allowVCodeInput = '';
        if (isset($_POST['submitButton'])) {
           if(isset($_POST['userNameAC']) && isset($_POST['userPasswordAC'])){
               if(validateUserName($userNameAC)&& validateUserPassword($userPasswordAC)){
                   if(isUserAndPasswordValid(trim($userNameAC), trim($userPasswordAC))){
                       $allowVCodeInput = 'set';
                   }
               }
               else{header('Location: ' . URLFORM);}
           } 
           elseif (isset($_POST['vCode'])) {
                if (validateVCode($vCode)) {
                    $showOutcome = tryActivate($vCode);
                }
                if ($showOutcome) {
                    header('Location: ' . URLMEMBERS);
                    // should i direct user to a page to show what happen
                    //or direct user to next page informing them there or even on this page
                }
            }
        }
        ?> 
        <div id="page">
            <h1>page to activate your account</h1>
            <h2>please enter your five digit code to activate your account</h2>
            <form action="" method="post" enctype="application/x-www-form-urlencoded">
                <fieldset>
                    <legend>validation code</legend>
                    <?php
                    if (!isset($_SERVER['HTTP_REFERER']) || (isset($_SERVER['HTTP_REFERER'])) && !($_SERVER['HTTP_REFERER'] == URLLIST)) {
                        echo
                        '<label for="userName">please enter your username</label>' .
                        '<input type="text" name="userNameAC" id="userNameAC" maxlength="18" size="10"/> ' .
                        '<br/>' .
                        '<label for="password">please enter your password</label>' .
                        '<input type="password" name="userPasswordAC" id="userPasswordAC" maxlength="16" size="12"/>' .
                        '<br/>' .
                         '<input type="hidden" name="allowVCode" value="' . $allowVCodeInput . '" />';
                    }
                    ?>
                    <?php
                    if ((isset($allowVCode) && $allowVCode == 'set') || (isset($_SERVER['HTTP_REFERER']) && $_SERVER['HTTP_REFERER'] == URLLIST))
                    {echo
                    '<label for="vCode">please enter your 5 digit code</label>' .
                    '<input type="text" name="vCode" id="vCode" maxlength="5" size="5"/>' .
                    '<br/>';
                    }
                    ?>
                    <input type="submit" value="Submit" name="submitButton"/>
                </fieldset>
            </form>
        </div>
    </body>

</html>
